SFCP: Information Security Exam Prep
What is the responsibility of the Information Security Oversight Office, or ISOO? - ✔✔To
oversee and manage the information security program, under the guidance of the National
Sec
...
SFCP: Information Security Exam Prep
What is the responsibility of the Information Security Oversight Office, or ISOO? - ✔✔To
oversee and manage the information security program, under the guidance of the National
Security Council, or NSC.
What is the responsibility of the National Security Council, or NSC? - ✔✔To provide the overall
policy direction for the Information Security Program. It assists the President in developing and
issuing National Security Policies, and it guides and directs the implementation and application
of the Executive Order. The
NSC exercises its guidance primarily through the ISOO.
What is the USD(I) and their responsibility? - ✔✔The Under Secretary of Defense for
Intelligence has the primary responsibility for providing guidance, oversight, and approval
authority of policies and procedures that govern the DoD Information Security Program (by
issuing the DoD Instruction 5200.01).
The three levels of classified information are designated by what executive order? - ✔✔EO
13526
What are the 5 requirements for Derivative Classification? - ✔✔1) Observe and respect the
OCAs original class determination.
2) Apply the required markings
3) Only use authorized sources
4) Use caution when paraphrasing
5) Always take the appropriate steps to resolve any doubts you have
What are the 4 types of Declassification Systems? - ✔✔Scheduled, automatic, mandatory, and
systematic.
What is Scheduled Declassification? - ✔✔Instructions consist of either a date or event for
declassification.
What is Automatic Declassification? - ✔✔Classified records that have been determined to have
permanent historical value, will be automatically declassified on December 31st of the year that
is 25 years from the date of its original classification.
(There are 9 categories of information that may be classified beyond 25 years. You can easily
identify this information by the use of a 25X instruction for declassification. The exemptions are
annotated as 25X with the category number following the X, for example, 25X1 or 25X9.)
What is Mandatory Declassification Review, or MDR? - ✔✔It is another method of
declassifying information, based on requesting a review of the information to see if classification
is still necessary.
What is Systematic Declassification? - ✔✔A program to review classified records after a certain
age.
What are the options an OCA
has when determining declassification? - ✔✔Specific Date, Specific Event, or by the 50X1-
HUM Exemption
What type of information does
not provide declassification instructions? - ✔✔Restricted Data and Formerly Restricted Data
What are the purposes of the SF701 and SF 702? - ✔✔The SF 701, or the Activity Security
Checklist, is used to record your End of Day checks.
The SF 702, or the Security Container Check Sheet, is used to record the opening and closing of
your security container.
What does the term Information System refer to? - ✔✔Refers to a set of information resources
organized for the collection, storage, processing, maintenance, use, sharing, dissemination,
disposition, display, or transmission of information.
[Show More]
